ClickOnce Application Install - Security Warning

Question

I have a clickonce application that is deployed on the website (say, http://example.com) and users will download the setup.exe file of my published application from that website and install the application on their computer.

I have signed the ClickOnce manifests of my application with the Certificate issued by GoDaddy for my company.

But, the User still get the following Application Security Warning when they try to install my application. Is there a way around so that this security warning will not be shown at all?

Any help will be appreciated.

Answer 1

Well, you have to follow the steps in the MSDN-library (source):

When a ClickOnce application is being launched on a user's desktop the first time, the .NET Framework runtime will first check to ensure that the application manifests have not been tampered with since they were signed with whatever publisher certificate was used for signing. If they pass that check, the runtime will then look into the Trusted Root Certification Authority store and see if the certificate for the issuer of the publisher's certificate is installed in that store. It will then look at who the publisher on the certificate is, and see if their certificate is in the Trusted Publishers store. If those two things are true, then by default the user will not be prompted, and the application will be granted whatever privileges are specified in the application manifest file.

As long as the end user hasn't modified his notification settings, the prompt won't show up.